package org.tgcloud.group.web.controller.app;

import com.google.common.base.Strings;
import com.google.common.collect.Lists;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.tgcloud.group.core.BaseLogger;
import org.tgcloud.group.core.session.Session;
import org.tgcloud.group.core.session.SessionFactory;
import org.tgcloud.group.entity.LogInfo;
import org.tgcloud.group.entity.MjNormalUser;
import org.tgcloud.group.repository.LogInfoMapper;
import org.tgcloud.group.repository.MjNormalUserMapper;
import org.tgcloud.group.web.exception.CommonException;
import org.tgcloud.group.web.exception.NeedLoginException;
import springfox.documentation.annotations.ApiIgnore;

import javax.servlet.http.HttpServletRequest;
import java.util.List;

/**
 * 拦截登录授权的校验
 */
@Controller("ClientAPPBaseController")
@ApiIgnore
public class ClientAPPBaseController extends BaseLogger {

    @Autowired
    private SessionFactory sessionFactory;

    @Autowired
    private MjNormalUserMapper normalUserMapper;

    @Autowired
    private LogInfoMapper logInfoMapper;

    private static List<String> authorityUrls = Lists.newArrayList("/user/");


    /*需要登录才可以获取session*/
    @ModelAttribute
    public void getSession(HttpServletRequest request, Model model)
    {
        /*这里对url做过滤，需要登录权限的进入下一步，其它直接设置null即可*/

        /*如果是worker的话，需要过滤下是否有访问权限*/
        String url = request.getRequestURI();

        //判断路径中是否含有url，如果有url则需要登录才可访问，获取token，判断是否已登录或有效，
        // 如果session为空则token过期
        if (checkNeedAuthority(url))
        {
            String token = request.getParameter("token");
            if (Strings.isNullOrEmpty(token))
            {
                throw new NeedLoginException("需要登录");
            }
            else
            {
                Session session = sessionFactory.getSession(token);
                if (session == null)
                {
                    throw new NeedLoginException("token过期");
                }
                /*权限判断、角色判断*/
                LogInfo logInfo = logInfoMapper.selectByToken(token);
                if (logInfo == null || logInfo.getStatus() != 1) {
                    sessionFactory.destroySession(token);
                    throw new NeedLoginException("需要登录");
                } else {
                    MjNormalUser user = normalUserMapper.selectByPrimaryKey(session.getUserId());
                    if (user == null || user.getStatus().intValue() != 1) {
                        throw new CommonException("账户已被禁用");
                    }
                }
                model.addAttribute("session", session);
            }
        }

    }

    public boolean checkNeedAuthority(String url)
    {
        System.out.println(url);
        for (String u : authorityUrls)
        {
            if (url.contains(u))
            {
                return true;
            }
        }
        return false;
    }

}
